New auth(RS256) flow changes

.circleci/config.yml

@@ -66,13 +66,12 @@ workflows:
           context : org-global
           filters:
             branches:
-              only:
-                - develop
+              only: [develop, "feature/Auth0-RS256-Token"]
 
       # Production builds are exectuted only on tagged commits to the
       # master branch.
       - "build-prod":
           context : org-global
           filters:
             branches:
-              only: master
+              only: master

docker/Dockerfile

@@ -1,5 +1,5 @@
 # Use the base image with Node.js
-FROM node:8.12
+FROM node:14
 
 # Copy the current directory into the Docker image
 COPY . /topcoder-x-ui
@@ -12,4 +12,4 @@ RUN npm install
 RUN npm run build
 #RUN npm test
 
-CMD npm start
+CMD npm start

package.json

@@ -7,13 +7,13 @@
     "private": true,
     "main": "src/app.js",
     "engines": {
-        "node": "8",
-        "npm": "5"
+        "node": "14",
+        "npm": "6"
     },
     "scripts": {
-        "start": "node src/app.js",
+        "start": "node -r esm src/app.js",
         "serve": "./node_modules/.bin/concurrently \"npm run start:be\" \"npm run start:fe\"",
-        "start:be": "nodemon src/app.js ",
+        "start:be": "nodemon -r esm src/app.js",
         "start:fe": "gulp build:watch",
         "build": "gulp build",
         "test": "node ./node_modules/mocha/bin/mocha --recursive --timeout 999999 --colors tests/*.test.js --bail",
@@ -38,6 +38,7 @@
         "angular-ui-bootstrap": "~2.5.0",
         "angular-ui-router": "~1.0.23",
         "angularjs-datepicker": "^2.1.23",
+        "atob": "^2.1.2",
         "auth0-angular": "~4.0.4",
         "auth0-js": "^9.11.3",
         "auth0-lock": "^11.17.2",
@@ -52,6 +53,7 @@
         "cors": "^2.8.4",
         "debug": "~2.6.3",
         "dynamoose": "^1.1.0",
+        "esm": "^3.2.25",
         "express": "^4.15.4",
         "express-jwt": "^5.3.0",
         "express-session": "^1.15.5",
@@ -81,7 +83,8 @@
         "superagent-promise": "^1.1.0",
         "typescript": "~2.3.3",
         "uuid": "^3.3.2",
-        "winston": "^2.3.1"
+        "winston": "^2.3.1",
+        "@topcoder-platform/tc-auth-lib": "git+https://github.com/topcoder-platform/tc-auth-lib.git#1.0.0"
     },
     "devDependencies": {
         "angular-mocks": "~1.4.4",

src/app.js

@@ -15,14 +15,15 @@ const express = require('express');
 const bodyParser = require('body-parser');
 const session = require('express-session');
 const cookieParser = require('cookie-parser');
-const jwtDecode = require('jwt-decode');
+const decodeToken = require('@topcoder-platform/tc-auth-lib').decodeToken;
 // const secure = require('ssl-express-www');
 const config = require('./config');
 const routes = require('./routes');
 const logger = require('./common/logger');
 const errors = require('./common/errors');
 const constants = require('./common/constants');
 const {getAppHealth} = require('./controllers/AppHealthController');
+global.atob  = require('atob');
 
 const app = express();
 app.use(cors());
@@ -45,7 +46,7 @@ _.forEach(routes, (verbs, path) => {
       actions.push((req, res, next) => {
         const v3jwt = _.get(req.cookies, constants.JWT_V3_NAME);
         if (v3jwt) {
-          const decoded = jwtDecode(v3jwt);
+          const decoded = decodeToken(v3jwt);
           req.currentUser = {
             handle: decoded.handle.toLowerCase(),
             roles: decoded.roles,

src/config.js

@@ -61,11 +61,11 @@ module.exports = {
   },
   TOPCODER_VALUES: {
     dev: {
-      TC_LOGIN_URL: process.env.TC_LOGIN_URL || 'https://accounts.topcoder-dev.com/member',
+      TC_LOGIN_URL: process.env.TC_LOGIN_URL || 'https://accounts-auth0.topcoder-dev.com',
       TC_USER_PROFILE_URL: process.env.TC_USER_PROFILE_URL || 'https://api.topcoder-dev.com/v2/user/profile',
     },
     prod: {
-      TC_LOGIN_URL: process.env.TC_LOGIN_URL || 'https://accounts.topcoder.com/member',
+      TC_LOGIN_URL: process.env.TC_LOGIN_URL || 'https://accounts-auth0.topcoder.com',
       TC_USER_PROFILE_URL: process.env.TC_USER_PROFILE_URL || 'https://api.topcoder.com/v2/user/profile',
     },
   },
@@ -76,11 +76,11 @@ const frontendConfigs = {
       "JWT_V3_NAME":"v3jwt",
       "JWT_V2_NAME":"tcjwt",
       "COOKIES_SECURE":false,
-      "TC_LOGIN_URL": "https://accounts.topcoder-dev.com/member",
+      "TC_LOGIN_URL": "https://accounts-auth0.topcoder-dev.com",
       "TC_USER_PROFILE_URL": "http://api.topcoder-dev.com/v2/user/profile",
       "API_URL": "https://127.0.0.1:8443",
       "ADMIN_TOOL_URL": "http://localhost:8080/api/v2",
-      "ACCOUNTS_CONNECTOR_URL": "https://accounts.topcoder-dev.com/connector.html",
+      "ACCOUNTS_CONNECTOR_URL": "https://accounts-auth0.topcoder-dev.com",
       "DIRECT_URL_BASE": "https://www.topcoder-dev/direct/projectOverview?formData.projectId=",
       "OWNER_LOGIN_GITHUB_URL":"/api/v1/github/owneruser/login",
       "OWNER_LOGIN_GITLAB_URL":"/api/v1/gitlab/owneruser/login",
@@ -92,11 +92,11 @@ const frontendConfigs = {
       "JWT_V3_NAME":"v3jwt",
       "JWT_V2_NAME":"tcjwt",
       "COOKIES_SECURE":false,
-      "TC_LOGIN_URL": "https://accounts.topcoder-dev.com/member",
+      "TC_LOGIN_URL": "https://accounts-auth0.topcoder-dev.com",
       "TC_USER_PROFILE_URL": "https://api.topcoder-dev.com/v2/user/profile",
       "API_URL": "https://api.topcoder-dev.com",
       "ADMIN_TOOL_URL": "https://api.topcoder-dev.com/v2",
-      "ACCOUNTS_CONNECTOR_URL": "https://accounts.topcoder-dev.com/connector.html",
+      "ACCOUNTS_CONNECTOR_URL": "https://accounts-auth0.topcoder-dev.com",
       "DIRECT_URL_BASE": "https://www.topcoder-dev.com/direct/projectOverview?formData.projectId=",
       "OWNER_LOGIN_GITHUB_URL":"/api/v1/github/owneruser/login",
       "OWNER_LOGIN_GITLAB_URL":"/api/v1/gitlab/owneruser/login",
@@ -108,11 +108,14 @@ const frontendConfigs = {
       "JWT_V3_NAME":"v3jwt",
       "JWT_V2_NAME":"tcjwt",
       "COOKIES_SECURE":false,
-      "TC_LOGIN_URL": "https://accounts.topcoder-dev.com/member",
+      "TC_LOGIN_URL": "https://accounts-auth0.topcoder-dev.com",
+
+      // TODO: we can clean this conf, as no need https://github.com/topcoder-platform/topcoder-x-ui/issues/342
       "TC_USER_PROFILE_URL": "https://api.topcoder-dev.com/v2/user/profile",
+
       "API_URL": "https://api.topcoder-dev.com",
       "ADMIN_TOOL_URL": "https://api.topcoder-dev.com/v2",
-      "ACCOUNTS_CONNECTOR_URL": "https://accounts.topcoder-dev.com/connector.html",
+      "ACCOUNTS_CONNECTOR_URL": "https://accounts-auth0.topcoder-dev.com",
       "DIRECT_URL_BASE": "https://www.topcoder-dev.com/direct/projectOverview?formData.projectId=",
       "OWNER_LOGIN_GITHUB_URL":"/api/v1/github/owneruser/login",
       "OWNER_LOGIN_GITLAB_URL":"/api/v1/gitlab/owneruser/login",
@@ -124,11 +127,11 @@ const frontendConfigs = {
       "JWT_V3_NAME":"v3jwt",
       "JWT_V2_NAME":"tcjwt",
       "COOKIES_SECURE":false,
-      "TC_LOGIN_URL": "https://accounts.topcoder-dev.com/member",
+      "TC_LOGIN_URL": "https://accounts-auth0.topcoder-dev.com",
       "TC_USER_PROFILE_URL": "https://api.topcoder-dev.com/v2/user/profile",
       "API_URL": "https://api.topcoder-qa.com",
       "ADMIN_TOOL_URL": "https://api.topcoder-qa.com/v2",
-      "ACCOUNTS_CONNECTOR_URL": "https://accounts.topcoder-qa.com/connector.html",
+      "ACCOUNTS_CONNECTOR_URL": "https://accounts-auth0.topcoder-dev.com",
       "DIRECT_URL_BASE": "https://www.topcoder-dev.com/direct/projectOverview?formData.projectId=",
       "OWNER_LOGIN_GITHUB_URL":"/api/v1/github/owneruser/login",
       "OWNER_LOGIN_GITLAB_URL":"/api/v1/gitlab/owneruser/login",
@@ -140,11 +143,11 @@ const frontendConfigs = {
       "JWT_V3_NAME":"v3jwt",
       "JWT_V2_NAME":"tcjwt",
       "COOKIES_SECURE":false,
-      "TC_LOGIN_URL": "https://accounts.topcoder.com/member",
+      "TC_LOGIN_URL": "https://accounts-auth0.topcoder.com",
       "TC_USER_PROFILE_URL": "https://api.topcoder.com/v2/user/profile",
       "API_URL": "https://api.topcoder.com",
       "ADMIN_TOOL_URL": "https://api.topcoder.com/v2",
-      "ACCOUNTS_CONNECTOR_URL": "https://accounts.topcoder.com/connector.html",
+      "ACCOUNTS_CONNECTOR_URL": "https://accounts-auth0.topcoder.com",
       "DIRECT_URL_BASE": "https://www.topcoder.com/direct/projectOverview?formData.projectId=",
       "OWNER_LOGIN_GITHUB_URL":"/api/v1/github/owneruser/login",
       "OWNER_LOGIN_GITLAB_URL":"/api/v1/gitlab/owneruser/login",
@@ -173,4 +176,4 @@ module.exports.frontendConfigs = {
   TOPCODER_URL: process.env.TOPCODER_URL || frontendConfigs[activeEnv].TOPCODER_URL,
   GITHUB_TEAM_URL: process.env.GITHUB_TEAM_URL || frontendConfigs[activeEnv].GITHUB_TEAM_URL,
   GITLAB_GROUP_URL: process.env.GITLAB_GROUP_URL || frontendConfigs[activeEnv].GITLAB_GROUP_URL
-};
+};

src/front/src/app/auth/auth.config.js

@@ -9,25 +9,6 @@
 
 angular.module('topcoderX')
   .config(['$httpProvider', 'jwtInterceptorProvider', function ($httpProvider, jwtInterceptorProvider) {
-    var refreshingToken = null;
-
-    function handleRefreshResponse(res, $authService) {
-      var ref;
-      var ref1;
-      var ref2;
-
-      const newToken = (ref = res.data) != null ? (ref1 = ref.result) != null ?
-        (ref2 = ref1.content) != null ? ref2.token : void 0 : void 0 : void 0;
-
-      $authService.setTokenV3(newToken);
-
-      return newToken;
-    };
-
-    function refreshingTokenComplete() {
-      refreshingToken = null;
-    };
-
     jwtInterceptorProvider.tokenGetter = [
       'AuthService', '$http', 'Helper', '$rootScope', 'config',
       function (AuthService, $http, Helper, $rootScope, config) {
@@ -43,18 +24,9 @@ angular.module('topcoderX')
           var currentToken = AuthService.getTokenV3();
 
           if (AuthService.getTokenV3() && AuthService.isTokenV3Expired()) {
-            if (refreshingToken === null) {
-              refreshingToken = $http({
-                method: 'GET',
-                url: $rootScope.appConfig.API_URL + "/v3/authorizations/1",
-                headers: {
-                  'Authorization': "Bearer " + currentToken
-                }
-              }).then(function (res) { handleRefreshResponse(res, AuthService) })["finally"](refreshingTokenComplete).catch(function () {
-                AuthService.login();
-              });
-            }
-            return refreshingToken;
+            var token = AuthService.getToken('v3jwt')
+            if (token) return token
+            else AuthService.login()
           } else {
             return currentToken;
           }